Volume QA part II: fixes and tests #9530
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test | |
on: | |
push: | |
branches: | |
- main | |
- 'release/**' | |
pull_request: | |
paths-ignore: | |
- '**.md' | |
env: | |
GO_VERSION: 1.22.x | |
jobs: | |
project: | |
name: Project Checks | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 20 | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
path: src/github.com/containerd/nerdctl | |
fetch-depth: 100 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache-dependency-path: src/github.com/containerd/nerdctl | |
- uses: containerd/project-checks@v1.1.0 | |
with: | |
working-directory: src/github.com/containerd/nerdctl | |
repo-access-token: ${{ secrets.GITHUB_TOKEN }} | |
- run: ./hack/verify-no-patent.sh | |
working-directory: src/github.com/containerd/nerdctl | |
- run: ./hack/verify-pkg-isolation.sh | |
working-directory: src/github.com/containerd/nerdctl | |
lint: | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 20 | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
cache: true | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v6.0.1 | |
with: | |
version: v1.59.1 | |
args: --verbose | |
- name: yamllint-lint | |
run: yamllint . | |
test-unit: | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 20 | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
cache: true | |
- name: "Run unit tests" | |
run: go test -v ./pkg/... | |
test-integration: | |
runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
timeout-minutes: 40 | |
strategy: | |
fail-fast: false | |
matrix: | |
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2 | |
include: | |
- ubuntu: 20.04 | |
containerd: v1.6.33 | |
- ubuntu: 20.04 | |
containerd: v1.7.19 | |
- ubuntu: 22.04 | |
containerd: v1.7.19 | |
- ubuntu: 22.04 | |
containerd: main # v2.0.0-rc.X | |
- ubuntu: 24.04 | |
containerd: v1.7.19 | |
- ubuntu: 24.04 | |
containerd: main # v2.0.0-rc.X | |
env: | |
UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- name: "Prepare integration test environment" | |
run: DOCKER_BUILDKIT=1 docker build -t test-integration --target test-integration --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
- name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
run: | | |
sudo systemctl disable --now snapd.service snapd.socket | |
sudo apt-get purge -y snapd | |
sudo losetup -Dv | |
sudo losetup -lv | |
- name: "Register QEMU (tonistiigi/binfmt)" | |
run: docker run --privileged --rm tonistiigi/binfmt --install all | |
- name: "Run integration tests" | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_on: error | |
command: docker run -t --rm --privileged test-integration | |
test-integration-ipv6: | |
runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
timeout-minutes: 40 | |
strategy: | |
fail-fast: false | |
matrix: | |
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2 | |
include: | |
- ubuntu: 24.04 | |
containerd: v1.7.19 | |
env: | |
UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- name: Enable ipv4 and ipv6 forwarding | |
run: | | |
sudo sysctl -w net.ipv6.conf.all.forwarding=1 | |
sudo sysctl -w net.ipv4.ip_forward=1 | |
- name: Enable IPv6 for Docker | |
run: | | |
sudo mkdir -p /etc/docker | |
echo '{"ipv6": true, "fixed-cidr-v6": "2001:db8:1::/64", "experimental": true, "ip6tables": true}' | sudo tee /etc/docker/daemon.json | |
sudo systemctl restart docker | |
- name: "Prepare integration test environment" | |
run: DOCKER_BUILDKIT=1 docker build -t test-integration-ipv6 --target test-integration-ipv6 --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
- name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
run: | | |
sudo systemctl disable --now snapd.service snapd.socket | |
sudo apt-get purge -y snapd | |
sudo losetup -Dv | |
sudo losetup -lv | |
- name: "Register QEMU (tonistiigi/binfmt)" | |
run: docker run --privileged --rm tonistiigi/binfmt --install all | |
- name: "Run integration tests" | |
# The nested IPv6 network inside docker and qemu is complex and needs a bunch of sysctl config. | |
# Therefore it's hard to debug why the IPv6 tests fail in such an isolation layer. | |
# On the other side, using the host network is easier at configuration. | |
# Besides, each job is running on a different instance, which means using host network here | |
# is safe and has no side effects on others. | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_on: error | |
command: docker run --network host -t --rm --privileged test-integration-ipv6 | |
test-integration-rootless: | |
runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
timeout-minutes: 60 | |
strategy: | |
fail-fast: false | |
matrix: | |
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2 | |
include: | |
- ubuntu: 20.04 | |
containerd: v1.6.33 | |
rootlesskit: v1.1.1 | |
target: test-integration-rootless | |
- ubuntu: 20.04 | |
containerd: v1.7.19 | |
rootlesskit: v2.1.0 | |
target: test-integration-rootless | |
- ubuntu: 22.04 | |
containerd: v1.7.19 | |
rootlesskit: v1.1.1 | |
target: test-integration-rootless | |
- ubuntu: 22.04 | |
containerd: main # v2.0.0-rc.X | |
rootlesskit: v2.1.0 | |
target: test-integration-rootless | |
- ubuntu: 24.04 | |
containerd: v1.7.19 | |
rootlesskit: v1.1.1 | |
target: test-integration-rootless | |
- ubuntu: 24.04 | |
containerd: main # v2.0.0-rc.X | |
rootlesskit: v2.1.0 | |
target: test-integration-rootless | |
- ubuntu: 20.04 | |
containerd: v1.6.33 | |
rootlesskit: v1.1.1 | |
target: test-integration-rootless-port-slirp4netns | |
- ubuntu: 20.04 | |
containerd: v1.7.19 | |
rootlesskit: v2.1.0 | |
target: test-integration-rootless-port-slirp4netns | |
- ubuntu: 24.04 | |
containerd: v1.7.19 | |
rootlesskit: v1.1.1 | |
target: test-integration-rootless-port-slirp4netns | |
- ubuntu: 24.04 | |
containerd: main # v2.0.0-rc.X | |
rootlesskit: v2.1.0 | |
target: test-integration-rootless-port-slirp4netns | |
env: | |
UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}" | |
TEST_TARGET: "${{ matrix.target }}" | |
steps: | |
- name: "Set up AppArmor" | |
if: matrix.ubuntu == '24.04' | |
run: | | |
cat <<EOT | sudo tee "/etc/apparmor.d/usr.local.bin.rootlesskit" | |
abi <abi/4.0>, | |
include <tunables/global> | |
/usr/local/bin/rootlesskit flags=(unconfined) { | |
userns, | |
# Site-specific additions and overrides. See local/README for details. | |
include if exists <local/usr.local.bin.rootlesskit> | |
} | |
EOT | |
sudo systemctl restart apparmor.service | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- name: "Register QEMU (tonistiigi/binfmt)" | |
run: docker run --privileged --rm tonistiigi/binfmt --install all | |
- name: "Prepare (network driver=slirp4netns, port driver=builtin)" | |
run: DOCKER_BUILDKIT=1 docker build -t ${TEST_TARGET} --target ${TEST_TARGET} --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} --build-arg ROOTLESSKIT_VERSION=${ROOTLESSKIT_VERSION} . | |
- name: "Test (network driver=slirp4netns, port driver=builtin)" | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_on: error | |
command: docker run -t --rm --privileged -e WORKAROUND_ISSUE_622=1 ${TEST_TARGET} | |
cross: | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 40 | |
strategy: | |
matrix: | |
go-version: ["1.21.x", "1.22.x"] | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go-version }} | |
cache: true | |
check-latest: true | |
- name: "Cross" | |
run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make binaries | |
test-integration-docker-compatibility: | |
runs-on: ubuntu-22.04 # TODO: ubuntu-24.04 | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: true | |
check-latest: true | |
- name: "Print docker info" | |
run: | | |
set -eux -o pipefail | |
docker info | |
docker version | |
- name: "Register QEMU (tonistiigi/binfmt)" | |
run: docker run --privileged --rm tonistiigi/binfmt --install all | |
- name: "Prepare integration test environment" | |
run: | | |
sudo apt-get install -y expect | |
- name: "Ensure that the integration test suite is compatible with Docker" | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_on: error | |
command: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon | |
- name: "Ensure that the IPv6 integration test suite is compatible with Docker" | |
uses: nick-fields/retry@v3 | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_on: error | |
command: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon -test.ipv6 | |
test-integration-windows: | |
runs-on: windows-2022 | |
timeout-minutes: 30 | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
with: | |
fetch-depth: 1 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: true | |
check-latest: true | |
- run: go install ./cmd/nerdctl | |
- uses: actions/checkout@v4.1.7 | |
with: | |
repository: containerd/containerd | |
ref: v1.7.19 | |
path: containerd | |
fetch-depth: 1 | |
- name: "Set up CNI" | |
working-directory: containerd | |
run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows | |
- name: "Set up containerd" | |
env: | |
ctrdVersion: 1.7.19 | |
run: powershell hack/configure-windows-ci.ps1 | |
# TODO: Run unit tests | |
- name: "Run integration tests" | |
run: go test -v ./cmd/... | |
test-integration-freebsd: | |
name: FreeBSD | |
# ubuntu-24.04 lacks the vagrant package | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 20 | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
- uses: actions/cache@v4 | |
with: | |
path: /root/.vagrant.d | |
key: vagrant-${{ matrix.box }} | |
- name: Set up vagrant | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt | |
sudo systemctl enable --now libvirtd | |
- name: Boot VM | |
run: | | |
ln -sf Vagrantfile.freebsd Vagrantfile | |
sudo vagrant up --no-tty | |
- name: test-unit | |
run: sudo vagrant up --provision-with=test-unit | |
- name: test-integration | |
run: sudo vagrant up --provision-with=test-integration |